Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0538

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2008-0538
Last Modified 07 Mar 2011 10:04:52
Published 01 Feb 2008 03:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-0538

Summary

Multiple SQL injection vulnerabilities in phpIP Management 4.3.2 allow remote attackers to execute arbitrary SQL commands via the (1) password parameter to login.php, the (2) id parameter to display.php, and unspecified other vectors. NOTE: some of these details are obtained from third party information.

Vulnerable Systems

Application

  • Phpip Management 4.3.2


References

VUPEN - ADV-2008-0346

BID - 27468

MILW0RM - 4990

SECUNIA - 28656

FULLDISC - 20080127 phpIP 4.3.2 - Numerous SQL Injection Vulnerablities

XF - phpip-display-sql-injection(39965)


Last Updated: 27 May 2016 10:46:50